36 matches found
Off-by-one Error
Overview: Magick.NET-Q16-x86 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Off-by-one Error
Overview: Magick.NET-Q8-arm64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
EUVD-2017-16328
Malware in sbrugna...
EUVD-2022-42530
Malicious code in bioql PyPI...
Important: gimp security update
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: dds buffe...
CVE-2024-47897 GPU DDK - PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write
Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots...
ABB Cylon Aspect 3.08.02 (escDevicesUpdate.php) Off-by-One Config Write DoS
Summary: ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description: A vulnerability was identified in a PHP script where an off-by-one...
CVE-2024-49862
The CVE-2024-49862 entry describes a Linux kernel vulnerability in powercap/intel_rapl: an off-by-one in get_rpi() on rp->priv->rpi, where the array can be rpi_msr or rpi_tpmi with NR_RAPL_PRIMITIVES elements. The incorrect comparison (>) could access beyond bounds, enabling local access...
SUSE-SU-2023:4697-1 Security update for gimp
This update for gimp fixes the following issues: - CVE-2023-44442: Fixed PSD File Parsing Heap-based (bsc#1217161). - CVE-2023-44444: Fixed PSP File Parsing Off-By-One (bsc#1217163)...
SUSE CVE-2016-2090
Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...
CVE-2022-3103
Off-by-one in io_uring module...
RHEL 8 : graphviz (RHSA-2021:4256)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4256 advisory. Graphviz is open-source graph-visualization software. Graph visualization is a way of representing structural information as diagrams of abstract...
Important: Red Hat Security Advisory: nginx:1.16 security update
An update for the nginx:1.16 module is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.1 Extended Update Support, and Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
RLSA-2021:2290 Important: nginx:1.16 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017). For more details about the...
Important: nginx:1.16 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017). For more details about the...
[SECURITY] [DSA 4921-1] nginx security update
Debian Security Advisory DSA-4921-1 https://www.debian.org/security/ Moritz Muehlenhoff May 28, 2021 https://www.debian.org/security/faq -...
CVE-2019-19847
An off-by-one vulnerability was found in libspiro in the way a double array is first declared in a unit test and then accessed by the library itself. Applications that make use of libspiro in the same way as the example code in the test suite may be vulnerable to this flaw. A remote attacker coul...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8671)
An off-by-one vulnerability exists in Microsoft Edge Chakra JavaScript Engine. The vulnerability is due to the way Microsoft Edge Chakra JavaScript engine renders when handling objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially...
CVE-2017-7301
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash...
CVE-2017-7301
CVE-2017-7301 is a concrete vulnerability in GNU Binutils (libbfd). The aout_link_add_symbols function in bfd/aoutx.h has an off-by-one error in checking string offsets, which can cause the GNU linker (ld) to crash. Connected Nessus/Red Hat entries reference unpatched Binutils in various RHEL rel...